Despite Microsoft’s efforts to make its operating system a safe environment, the truth is that threats appear almost periodically that put the development of the American company in check. And that’s what one researcher has discovered by revealing a exploit that allows to obtain administrator permissions.
A new security breach that can make it easier for an attacker to gain administrator privileges and affects both Windows 10 and Windows 11 and Windows Server 2022. A zero-day vulnerability that leaves a team totally exposed.
No solution for now
Exploit discovered. Github Image
This is a security breach discovered by researcher Abdelhamid Naceri, who found a zero-day elevation of privilege vulnerability that managed to overcome the patch released by Microsoft on Patch Tuesday launched in November under the number CVE-2021-41379.
In Engadget Windows
Are you worried if a file might be infected? These antivirus do not require installation and can get you out of more than one trouble
The vulnerability affects all supported versions of Windows, including Windows 10, Windows 11, and Windows Server 2022 and patch CVE-2021-41379 has not fixed it. If an attacker takes advantage of it, they can gain administrator privilege access to a computer.
In fact, since BleepingComputer claim that they have tested the exploit (InstallerFileTakeOver) and have managed to open the command prompt with administrator privileges from an account with standard privileges on a Windows 10 21H1 Build 19043.1348 computer.
To demonstrate how it works, Abdelhamid Naceri published details of how the exploit works in GitHub, explaining that works on all supported versions of Windows. In passing, he explains that although group policies can be configured to prevent unprivileged users from performing operations with MSI files, this exploit renders this measure useless.
The reason why Abdelhamid Naceri is due to the frustration over falling Microsoft payments in the bug bounty program.
{“videoId”: “x85g2v7”, “autoplay”: true, “title”: “TOP APPS WINDOWS 11: 11 ESSENTIAL programs for your new WINDOWS”}
It is expected that Microsoft will fix this zero-day vulnerability in an upcoming update on Patch Tuesday. For now, the discoverer cautions that it is not advisable to try to fix the vulnerability by patching the binaryas it will probably break the installer.
Via | Bleeping Computer
More information | GitHub
(function () {window._JS_MODULES = window._JS_MODULES || {}; var headElement = document.getElementsByTagName (‘head’)[0]; if (_JS_MODULES.instagram) {var instagramScript = document.createElement (‘script’); instagramScript.src = “https://platform.instagram.com/en_US/embeds.js”; instagramScript.async = true; instagramScript.defer = true; headElement.appendChild (instagramScript); }}) ();
–
The news
They discover a zero day exploit allows to acquire administrator privileges on computers with Windows 10, 11 and Windows Server
was originally published in
Engadget Windows
by Jose Antonio Carmona.
